[ https://issues.apache.org/jira/browse/PDFBOX-5521?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17610436#comment-17610436 ]
Michael Klink commented on PDFBOX-5521: --------------------------------------- {quote}COSWriter code hits an "old" signature that is (for whatever reason, maybe it was incorrectly included) present in the incremental part.{quote} Most likely the problem signature in question is the usage rights signature. (The message "This document enabled extended features in Adobe Acrobat Reader." indicates that there is a usage rights signature in the PDF in question.) In contrast to other signatures, a usage rights signature dictionary need not be an indirect object, it may be a direct object in the *Perms* dictionary which in turn may be a direct object in the catalog dictionary. Thus, such a usage rights signature may occur again and again in each incremental update touching the catalog. In particular such a recurring usage rights signature is not _incorrectly included_ and the PDFBox signing code must be able to recognize that its signature dictionary is not the dictionary of the currently to sign signature field. > Signing tries to set byteRange of old signature > ----------------------------------------------- > > Key: PDFBOX-5521 > URL: https://issues.apache.org/jira/browse/PDFBOX-5521 > Project: PDFBox > Issue Type: Bug > Components: Signing > Affects Versions: 2.0.27 > Reporter: Tilman Hausherr > Assignee: Tilman Hausherr > Priority: Major > Fix For: 2.0.28, 3.0.0 PDFBox > > > A long bug report on the users mailing lists leads to the finding that the > COSWriter code hits an "old" signature that is (for whatever reason, maybe it > was incorrectly included) present in the incremental part. The signing then > fails because the byte range to be written is longer than the existing byte > range. > To avoid this, we improve signature detection by checking that the size > indicated by byteRange is higher than the existing PDF size. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org For additional commands, e-mail: dev-h...@pdfbox.apache.org